Friday, April 6, 2012

I'm wondering
what's can be done for stopping burglars from stealing from places biometric
databases

I'm wondering
what is the value of biometric data which belongs to 20,000 people.

As I know,
and after speaking with a friend which work in a place that have an online and offline
biometric databases as well as many other companies and places (from laptops to
doors,companies and many more product) fingerprints it's a good tool to recognized
people identity.

According to
Wikipedia:

Track record

Fingerprinting has served all governments worldwide
during the past 100 years or so to provide accurate identification of
criminals. No two fingerprints have ever been found identical in many billions
of human and automated computer comparisons.[60]Fingerprints are the fundamental tool
for the identification of people with a criminal history in every police
agency.[5] It remains the most commonly
gathered forensic evidence worldwide and in most jurisdictions fingerprint
examination outnumbers all other forensic examination casework combined.
Moreover, it continues to expand as the premier method for identifying persons,
with tens of thousands of people added to fingerprint repositories daily in
America alone far more than other forensic databases.

In the recent
years, the idea behind loosing privacy has been changed, and now people don't
care about it like the past,it's not something strange to share you life,and
Facebook is the ultimate example of why the concept of 'Privacy' has to be
change.

Thinking
behind the box

What's gonna be if someone will share his own fingerprint, with no name on
it?

We can found
very easy recording of people who burn there own ID or PASSPORT, but what about
sharing them?

If you share
your own fingerprints you can change the whole picture, systems won't be able
to know if that you or your friend (they can try)

In my opinion in the time that doors have a locked based on offline biometric
database, which can be extract (worker ID and fingerprint) and then the
identity is being lost or at least can't be use again based on fingerprints
only we should start thinking again
about using fingerprints so often.

I do think
that we should avoid privacy from being lost, but in the same time I'm thinking
about more situations

Simulation

1. Play one –
The day after a huge amount of fingerprints will be lost

There is a
super-market with 50 workers with an
offline biometric access between doors, the warehouse has been broken and the
fingerprint biometric database has been stolen or just copied, someone bought
the database and upload it to the internet with all the info.

A year later
a thief did a crime and used a fake fingerprint with one of the workers
fingerprint's

Can one of those fingerprint might be as an
evidence in the court?

While
thinking about the subject I have realized that if someone will hack database
of 500,000 people, this tool will change for ever as a legitimate law of
this kind of tool to recognize people criminals which are suspect of crime

Can we take
the risk?

2. Play two –
Sharing private info instead of avoiding losing

After
realizing the first one I got an idea, assuming that finger print is public
knowledge what can be done with that?

So lets be
creative, now we can open a public database that people will share there own
biometric data with the public like bugmenot.com

In this
website people are sharing there own user and password so others wont have to
register for random websites and then when
a finger print will be found in a crime scene ,the conviction will be
avoid if it will be based on the finger print with no extra support .

It's like an
insurance for people who do crime for living.

I do know
that electronic biometric database won't give you all the info you needs to fake fingerprint's, but
since people can share there own fingerprints they can do it with a scanner as
well.

Imagine a
place that let people to share there identity for free with others by scanning
it.

3. Play three
– Public fingerprints database of crime cartel

Some of the
main target in the crime scene which is leader of the biggest drug cartel is
being arrested of killing two people, he did a mistake and didn't hide the gun
well.

Two years
before, the crime cartel got an idea from hackers who helping them, the idea
was simple: instead of hiding the fingerprints with gloves, they can steal
100,000 people fingerprint from workers clock in/out and then add to this
stolen database to the cartel fingerprints database.

The next act
was to share the database in the Internet so anyone will be able to fake with
it his fingerprint's.

The idea got
spread to many other cartel and crime members together with privacy freedom
fighter has been start to share there own biometric info, included
fingerprints.

Back to the
court, the judge got an new breakthrough claim from the suspect's lawyer,
"the fingerprint is in public database for two years,and any one can use
it " the judge in the first time in the history declaim the fingerprint as
proof for the crime since public data can't be an evidence of one person..

4. Play four
– Creating innocent product that stealing biometric data

A new company
of hackers got an idea, let's build product that will steal people
fingerprints.

The first
step was to build handles with hidden fingerprint readers

With the
built in reader they picked up the results and send it by radio signal for
later use.

Some time to
open doors, and sometime to steal companies workers databases without attacking
any secure database of the company

After time
the stolen database has been stolen again and published in the internet, the
victim companies had to stop recognized worker with finger print reader.

5. Play five
– stealing fingerprint's and DNA in the same time

Since
fingerprints readers are very similar to ATM which are being used in banks, a
designer got an idea, why don't we create an fingerprints scammers? just like ATM scamming but the data will be
fingerprints and DNA.

A system that
looking just like the front of the finger print reader can be attached to the
original one, by that we will be able to steal the fingerprints and the DNA of
the victim in the same time.

6. Play six –
sharing or stealing people faces

In the recent
years faking people faces became more and more simple,

since that
many systems are using cameras to recognized the area, we can create masks of
ourselves as well as others and by that even faces wont be a strong evidence
like the past.

Since we can
share our biometric database, we can share our faces as well so other can use
it and we the thief will stay out of jail.

Into
conclusion

I'm not the
fan of loosing privacy, and I wont build a database with finger prints based on
stealing hardware,databases or public knowledge.

Yet, while
using fingerprint for so many years as a tool to fight crimes, like a murder,
or just for clock in or out ,we should realized that new technology or systems
can avoid us from keeping the traditional uses of this kind of tool in the
future.

I think that
in the future people finger print will be stolen by meaning.

I'm
sure that this can be done right now

If
fingerprint is not enough so lets do the same with faces, now think again about
the consequence